package com.token;

import org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter;
import org.springframework.http.HttpStatus;
import org.springframework.web.bind.annotation.RequestMethod;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

public class JWTFilter extends BasicHttpAuthenticationFilter {
    @Override
    protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) {
        try {
            String token = ((HttpServletRequest) request).getHeader("token");
            //if (token==null) return false;
            //System.out.println(token);


            //
            String username = JwtUtil.getUsername(token);
            String stationId = JwtUtil.getStationId(token);
            //if (username==null && stationId==null) return false;

            String url = ((HttpServletRequest) request).getRequestURI();
            String  id =  ((HttpServletRequest) request).getParameter("id");
            if (url.startsWith("/admin/station/"))
            {
                if (username!=null)
                {

                }
                else if (stationId!=null)
                {
                    if (stationId.equalsIgnoreCase(id)==false)
                    {
                        //return false;
                    }
                }
            }

            JWTToken jwtToken = new JWTToken(token);
            getSubject(request, response).login(jwtToken);


            String newToken = JwtUtil.updateToken(token);
            if(newToken.length()>0) {
                HttpServletResponse httpServletResponse = (HttpServletResponse) response;
                httpServletResponse.addHeader("token", newToken);

            }
            getSubject(request, response).checkPermission(url);
            return true;
        }catch (Exception e){
            System.out.println(e);
            return false;
        }

    }

    @Override
    protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
        HttpServletResponse httpServletResponse = (HttpServletResponse)response;
        httpServletResponse.setStatus(401);
        return false;
    }

    @Override
    protected boolean preHandle(ServletRequest request, ServletResponse response) throws Exception {
        HttpServletRequest httpServletRequest = (HttpServletRequest) request;
        HttpServletResponse httpServletResponse = (HttpServletResponse) response;
        httpServletResponse.addHeader("Access-Control-Allow-Origin", "*");
        httpServletResponse.addHeader("Access-Control-Allow-Headers", "*");
        httpServletResponse.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE");
        httpServletResponse.addHeader("Access-Control-Expose-Headers", "token");

        // 跨域时会首先发送一个option请求，这里我们给option请求直接返回正常状态
        if (httpServletRequest.getMethod().equals(RequestMethod.OPTIONS.name())) {
            httpServletResponse.setStatus(HttpStatus.OK.value());
            return false;
        }

        return super.preHandle(request,response);
    }
}
